Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/SqxyCBjN4dWr1ZnvRYDbw50_aXk.roa
File: SqxyCBjN4dWr1ZnvRYDbw50_aXk.roa (raw, json)
Hash identifier: h/0SxthR5C6noB6H/q9jWnRgPXtnKb8pvFp3i2xS1jE=
Subject key identifier: 4A:AC:72:08:18:CD:E1:D5:AB:D5:99:EF:45:80:DB:C3:9D:3F:69:79
Certificate issuer: /CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Certificate serial: 0182A82B2168D8E0AEB754F48DFA87635DAF
Authority key identifier: B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/SqxyCBjN4dWr1ZnvRYDbw50_aXk.roa
Signing time: Tue 16 Aug 2022 19:39:34 +0000
ROA not before: Tue 16 Aug 2022 19:39:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12555
IP address blocks: 45.135.92.0/22 maxlen: 22
81.29.128.0/20 maxlen: 20
93.189.144.0/21 maxlen: 21
185.37.63.0/24 maxlen: 24
2a0e:8f40::/29 maxlen: 29
2a00:f2a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a8:2b:21:68:d8:e0:ae:b7:54:f4:8d:fa:87:63:5d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b343514630dc17f3fe9b51dd434184d0b62b03c0
Validity
Not Before: Aug 16 19:39:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4aac720818cde1d5abd599ef4580dbc39d3f6979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:98:84:6d:da:34:59:4d:e4:48:e9:6c:d1:
8d:e3:5a:6b:68:bf:29:30:52:c0:00:44:9c:b1:c0:
16:fb:f2:32:d0:82:7a:75:69:a1:8a:6f:74:b6:9a:
7c:bc:16:8e:41:30:83:81:25:69:18:8f:d7:46:b7:
b7:07:60:56:58:b9:c6:73:dc:61:fc:35:40:e1:de:
86:93:30:e4:58:7b:79:2f:4b:60:07:cb:f5:7b:18:
9a:1c:f6:fd:01:95:b1:3a:b0:f0:ce:71:c7:dd:ec:
e1:52:de:49:8d:94:7e:a2:1e:09:1d:82:6c:12:af:
82:9c:0a:34:5e:91:45:ac:4c:0d:84:f5:ad:2e:13:
bf:ed:25:7c:d1:63:e2:85:56:15:d9:4d:e4:e2:a5:
1b:c3:85:38:94:85:82:ee:2f:d9:42:6e:45:cc:9d:
87:35:68:27:d5:94:ac:12:ef:94:17:6c:a8:65:e3:
76:85:96:b6:28:a1:9d:a9:0d:da:1f:95:df:e0:d2:
ff:31:ea:da:3d:15:54:e4:03:91:07:a4:dd:79:e4:
e6:36:0b:c3:f0:4f:90:ee:13:56:d8:6a:23:0e:a7:
3d:fc:ac:2d:b1:55:67:df:cb:74:38:4b:07:9d:5c:
4f:f0:40:01:fe:46:4e:11:53:df:da:98:55:4b:c1:
5b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AC:72:08:18:CD:E1:D5:AB:D5:99:EF:45:80:DB:C3:9D:3F:69:79
X509v3 Authority Key Identifier:
keyid:B3:43:51:46:30:DC:17:F3:FE:9B:51:DD:43:41:84:D0:B6:2B:03:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/SqxyCBjN4dWr1ZnvRYDbw50_aXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/138046-7be0-4017-a98b-a7247e9d5f3a/1/s0NRRjDcF_P-m1HdQ0GE0LYrA8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.92.0/22
81.29.128.0/20
93.189.144.0/21
185.37.63.0/24
IPv6:
2a00:f2a0::/32
2a0e:8f40::/29
Signature Algorithm: sha256WithRSAEncryption
06:0e:52:7f:b0:03:4e:09:18:95:fd:28:85:97:14:87:82:b7:
22:b0:67:ca:01:c5:d4:3b:d9:c9:1a:00:66:c5:67:f1:73:c5:
ab:a9:cb:a1:2e:24:c6:94:15:26:05:26:ea:37:9c:06:08:34:
ee:b8:3b:ed:4b:3d:ad:07:81:46:83:0c:52:2f:a4:81:73:cd:
64:b9:b8:f8:84:97:50:a5:db:97:58:c8:0e:f1:24:f5:42:f3:
1b:45:38:c7:db:6f:cf:47:7e:f7:20:dc:50:1f:ba:fd:4d:30:
a8:80:b3:0c:18:42:bb:69:7f:f6:20:74:10:ec:db:f9:2e:a4:
61:0b:6c:b1:11:24:ba:1c:c8:a9:a4:b3:5d:40:e6:02:f5:e7:
95:5a:48:51:6c:bc:23:7a:af:bb:0d:92:c0:f8:4e:5d:61:63:
d1:ff:15:25:f4:94:c8:4a:c9:93:b8:48:ba:1e:ee:f3:ab:91:
cb:69:9f:06:77:f2:e8:df:5a:2e:59:b9:94:72:50:dc:3a:19:
c3:b7:ae:f5:f8:a0:26:05:a2:8c:62:5d:10:76:1e:d9:e6:6d:
29:b0:78:1c:72:2d:aa:87:da:35:61:4a:66:76:e0:a6:87:4c:
a0:c4:cd:5f:95:be:70:89:86:73:60:d1:6e:f7:20:8b:34:ea:
80:26:78:2b
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYKoKyFo2OCut1T0jfqHY12vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNDM1MTQ2MzBkYzE3ZjNmZTliNTFkZDQzNDE4NGQwYjYy
YjAzYzAwHhcNMjIwODE2MTkzOTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFjNzIwODE4Y2RlMWQ1YWJkNTk5ZWY0NTgwZGJjMzlkM2Y2OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcOYhG3aNFlN5EjpbNGN41praL8p
MFLAAEScscAW+/Iy0IJ6dWmhim90tpp8vBaOQTCDgSVpGI/XRre3B2BWWLnGc9xh
/DVA4d6GkzDkWHt5L0tgB8v1exiaHPb9AZWxOrDwznHH3ezhUt5JjZR+oh4JHYJs
Eq+CnAo0XpFFrEwNhPWtLhO/7SV80WPihVYV2U3k4qUbw4U4lIWC7i/ZQm5FzJ2H
NWgn1ZSsEu+UF2yoZeN2hZa2KKGdqQ3aH5Xf4NL/MeraPRVU5AORB6TdeeTmNgvD
8E+Q7hNW2GojDqc9/KwtsVVn38t0OEsHnVxP8EAB/kZOEVPf2phVS8FbMwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFEqscggYzeHVq9WZ70WA28OdP2l5MB8GA1UdIwQY
MBaAFLNDUUYw3Bfz/ptR3UNBhNC2KwPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGIt
YTcyNDdlOWQ1ZjNhLzEvU3F4eUNCak40ZFdyMVpudlJZRGJ3NTBfYVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMzgwNDYtN2JlMC00MDE3LWE5OGItYTcyNDdlOWQ1ZjNh
LzEvczBOUlJqRGNGX1AtbTFIZFEwR0UwTFlyQThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLYdcAwQE
UR2AAwQDXb2QAwQAuSU/MBQEAgACMA4DBQAqAPKgAwUDKg6PQDANBgkqhkiG9w0B
AQsFAAOCAQEABg5Sf7ADTgkYlf0ohZcUh4K3IrBnygHF1DvZyRoAZsVn8XPFq6nL
oS4kxpQVJgUm6jecBgg07rg77Us9rQeBRoMMUi+kgXPNZLm4+ISXUKXbl1jIDvEk
9ULzG0U4x9tvz0d+9yDcUB+6/U0wqICzDBhCu2l/9iB0EOzb+S6kYQtssREkuhzI
qaSzXUDmAvXnlVpIUWy8I3qvuw2SwPhOXWFj0f8VJfSUyErJk7hIuh7u86uRy2mf
Bnfy6N9aLlm5lHJQ3DoZw7eu9figJgWijGJdEHYe2eZtKbB4HHItqofaNWFKZnbg
podMoMTNX5W+cImGc2DRbvcgizTqgCZ4Kw==
-----END CERTIFICATE-----
Generated at Thu May 1 01:26:32 2025 by rpki-client